Information Security Blog

Menu

Uncategorized

Intro In a previous post, @bluscreenofjeff and I (@Sw4mp_f0x)discussed the importance of data parsing skills for penetration testers and detailed the basics of how to get started with it. We covered a few tools, but only scraped the surface of what’s possible with two very powerful tools: awk and sed. As a refresher, AWK is a programming…

Amazon’s S3 buckets have been a hot topic lately and are worth taking a look at from both a red and blue perspective. Just last week, poor S3 bucket access control management has led to Verizon exposing approximately 14 million customer records, including customer service PINs. Just before that, a GOP analytics firm exposed 198…

Introduction BLUF: Kraken is a web interface survey tool for offensive and defensive purposes that will screenshot and catalog web interfaces found through scanning. It can be found on my Github, which includes a wiki with detailed setup and usage information. Evaluating web interfaces during a penetration test is, arguably, the biggest pain point…

Intro In a previous post, @bluscreenofjeff and I discussed the importance of data parsing skills for penetration testers and detailed the basics of how to get started with it. In that post we covered multiple ways to match text and search for specific strings. The examples we used were pretty straightforward, which is not always true…

Parsing data is a fundamental ability that anyone serious about information security should consider putting time and effort into understanding. It can mean the difference between spamming Ctrl+F in a text editor and pulling out exactly what you need with a Bash one-liner that took a couple of minutes to create and modify. In the…

Introduction and Intent Since watching FireEye FLARE’s ‘WhyMI So Sexy?‘ at Derbycon last September, I have wanted to better understand WMI Events and apply them to offensive security operations. I saw the potential, but my comprehension was lacking and a comprehensive offensive WMI toolset did not exist. I was recently taken to school on WMI…

I decided to take some screenshots of Powershell Empire today while performing payload analysis. Below is a quick, down and dirty, walkthrough to get you going with Powershell Empire. Keep in mind I have only looked at the slideshow at this point. I really like the idea of using these instead of Meterpreter due to…